Hardening the DevOps Pipeline with New Open-Source Security Tooling

Explore a comprehensive roadmap for hardening your DevOps pipeline against cyber attacks in this 17-minute conference talk by Steve Taylor from DeployHub, Inc. Learn about five critical phases where open-source security tools can be implemented to enhance your pipeline's security. Discover the latest advancements in code signing, repo scanning, image SBOMs, OCI registries, pipeline audits, CDEvents, and evidence catalogs. Gain valuable insights into evolving your DevOps practices to incorporate cutting-edge security solutions at minimal cost, equipping yourself with the knowledge to immediately strengthen your development and deployment processes.